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REMARKS 

The Examiner is thanked for the comments in the Action. They have helped us 
considerably in understanding the Action and in drafting this Response thereto. 
5 It is our understanding that claims 1-30 remain pending in this application, wherein 

claims 2, 4-5, 12, 14-15, 21, and 24-25 have been amended for reasons specifically remarked 
upon, below. 

Item 1 (§ 101 rejections): 

10 Claims 1 1-30 are rejected because the claimed invention is felt to be directed to non- 

statutory subject matter. Respectfully this is error. 

The Action here states "Regarding claims 1 1-30, they comprise a computer program." 
This is incomplete in part and incorrect in part. With respect to incompleteness, claims 1 1-20 
comprise "[a] computer program, embodied on a computer readable storage medium As 

15 such, these claims are directed to an article of manufacture. With respect to incorrectness, claims 
21-30 comprise a system (machine) recited as means plus functions. Both manufactures and 
machines are specifically defined in 35 U.S.C. 101 to be patentable subject matters, and 35 
U.S.C. 1 12, %6 specifically permits claims to be recited in means plus function format. 

20 Item 2 (§ 112, %2 rejections): 

Claims 2, 4-9, 12, 14-19, 22, 25-29 are rejected as being indefinite. Applicant responds 
by amendment in part and by traverse in part. 

Claims 2, 4-5, 12, 14-15, 21, and 24-25 are herein amended. 

With respect to claims 7, 17, and 27, we respectfully urge that these are correct as they 
25 currently read. For example, claim 7 recites "adding said new ACEs to the DACL in said copy to 
deny all local groups said access rights" (underline emphasis added here). Claim 7 depends from 
claim 6, which depends from claim 5, which depends from claim 1, which recites "adding a new 
access control entry (ACE)." There thus is antecedent basis in claim 7 for at least "said new 
ACE." However, "local groups" is recited in claim 7 as plural because, while there may 
30 theoretically be only one local group, it is overwhelmingly the case in actual operating systems 
that there are many local groups (as one of ordinary skill in the art will generally know and as 
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discussed in Applicant's specification). Accordingly, "said new ACEs" as recited in clam 7 (and 
in clams 17 and 27) has antecedent basis, is grammatically correct, and recites this limitation in 
the manner best understandable to one of ordinary skill in the art. 

5 Item 3 (§ 102(e) rejections): 

Claims 1-30 are rejected under 35 U.S.C. 102(e) as being anticipated by Shaji. 
Respectfully this is error. 

Regarding claim 1 , the Action states that "Shaji discloses: making a copy of the security 
descriptor (par. 18, 91)." However, the citations do not support the assertion. To the extent that 

10 any security descriptor is "copied" here in Shaji, this is not applicable to the relevant context. 
Many things in an operating system have security descriptors, and the only one that is relevant 
here is "a security descriptor for the securable object" and that this securable object be one that 
"includes a discretionary access control list (DACL)" (claim 1 preamble). Shaji nowhere teaches 
or discusses a discretionary access control list. In fact, Shaji does not even use the word 

15 "discretionary" anywhere. Accordingly, the Action fails to state a prima facie case based on 
Shaji. More importantly, we urge that Shaji simply cannot support a prima facie case for 
anticipation because it simply does not teach a security descriptor that is equivalent to 
Applicant's as recited in the claims. 

Continuing with respect to claim 1, the Action next states that [Shaji discloses] "adding a 

20 new access control entry (ACE) to the DACL in said copy, wherein said new ACE specifies 
denying the locally privileged group an access right to the securable object (par. 18, 19, 89)" 
(underline emphasis added). However, as discussed above, there is no showing that Shaji teaches 
a DACL (for a securable object in an operating system or even for anything). In [0018] and 
[0019] Shaji also does not teach an access control entry (ACE). If Shaji did, it would presumably 

25 have used the industry standard term "access control entry" or acronym "ACE," as it does 
elsewhere, including [0089]. As for [0089], this is a recitation of entirely conventional ACE 
characteristics and nowhere teaches denying anything, specifically not by using a new ACE, 
specifically not to a locally privileged group, and more specifically not all of these also with the 
other limitations recited in claim 1 . 

30 Continuing further with respect to claim 1, the Action next states that [Shaji discloses] 

"overwriting the security descriptor in the operating system with said copy (par. 18)." Howevere, 
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in [0018] Shaji merely teaches loading and mapping to a security descriptor. It teaches nothing 
here about overwriting a security descriptor, and especially not about doing so with a copy as 
prepared in accord with the limitations in the preceding step in claim 1 . 

In sum, Shaji does not teach all of the limitations of Applicant's claim 1 and this claim 
5 should be allowed. 

Regarding claim 2 , it should be allowed for at least the same reasons as parent claim 1. 
The Action here further states "Shaji discloses: determining the relative identifier (RID) of the 
securable object; and finding the security descriptor for the securable object based on said RID 
(par. 13, 64)." However, the cite here also does not support the assertion here. For example, the 
10 cited paragraphs do not teach a relative identifier (RID), much less one used in the specific 
manner recited in the claim. 

Regarding claim 3 , it should also be allowed for at least the same reasons as parent claim 
1. The Action here further states "Shaji discloses: further comprising examining the DACL to 
discover whether said access right is already denied (par. 18)." However, we have shown above 
15 that Shaji does not teach DACL, and the cite clearly does not teach examining and discovering 
steps related to such. 

Regarding claim 4 , it should also be allowed for at least the same reasons as parent claim 
1. The Action here further states "Shaji discloses: wherein said new ACE is added as the first 
ACE in the DACL (fig. 14,15)." However, we have shown above that Shaji does not teach 
20 DACL and, although Shaji does teach ALE, it does not teach adding such to a DACL in the 
manner recited here. Noteably FIGS. 14-15 of Shaji do not support the assertion here, if for no 
other reason than that they do not show a DACL. 

Regarding claim 5 , it should also be allowed for at least the same reasons as parent claim 
1. The Action here further states "Shaji discloses: wherein the securable object is a group other 
25 than the local administrators group (par. 4)." This is nonsense. As is well known in the art, 

groups categorize securable objects (e.g., membership in a group, or the absence there of, defines 
the access rights to a securable object). 

Regarding claim 6 , it should also be allowed for at least the same reasons as parent 
claims 5 and 1 . 

30 Regarding claim 7 , it should also be allowed for at least the same reasons as parent 

claims 6, 5, and 1. The Action here further states "Shaji discloses: wherein said domain 
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administrator group is a remotely hosted group, and the method further comprising adding said 
new ACEs to the DACL in said copy to deny all local groups said access right to the securable 
object (par. 4,5,47)." However, we have shown above that Shaji does not teach DACL. 
Furthermore, although [0004], [0005], and [0047] are newly cited here, they also do not teach 
5 DACL, and particularly not such as subject to the other limitations recited in claim 7. 

Regarding claims 8-10 , these should also be allowed for at least the same reasons as their 
parent claims. 

Regarding claims 11-30 , the Action states that "they comprise essentially similar 
recitations [as claims 1-10]." Applicant agrees, and urges that they are allowable, at least, for the 
10 same reasons. 

Item (Conclusion): This appears informational in nature and is understood to require no reply. 



Applicant has endeavored to put this case into complete condition for allowance. It is 
thought that the § 10 1 rejections have been shown to be unfounded, that the § 1 12 rejections have 
all been corrected by amendment or rebutted, and that the §102 rejections are shown to be 
unfounded on the prior art reference cited. Applicant therefore asks that all objections and 
20 rejections now be withdrawn and that allowance of all claims presently in the case be granted. 

Patent Venture Group Respectfully Submitted, 

10788 Civic Center Drive, Suite 215 
Rancho Cucamonga, California 91730-3805 



CONCLUSION 



15 
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Raymond E. Roberts 
Reg. No.: 38,597 
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